Workflow to retag docker images with CalVer string (#32)

More human readable Calendar Version ([CalVer](https://calver.org/)) tags for docker images published on the docker registry! Steps to trigger this workflow: 1. Make a git tag manually, or on https://github.com/CryoInTheCloud/hub-image/tags. Note that this tag should ideally be in CalVer format (e.g. `2022.12.02`) 2. The tag will trigger this Continuous Integration workflow `retag.yml` which will: 1. Pull down the build docker image from https://quay.io/repository/cryointhecloud/cryo-hub-image corresponding to the git commit that was tagged 2. The docker image will be retagged to a name like `2022.12.02` 3. This retagged docker image is then pushed back up to the docker registry GitHub Actions workflow adapted from https://github.com/pangeo-data/pangeo-docker-images/blob/2022.12.01/.github/workflows/Publish.yml Motivated by #11 (comment) and #13 (comment).
CryoInTheCloud · Dec 5, 2022 · 4fbc6a4 · 4fbc6a4
2 parents f254450 + f58fac1
commit 4fbc6a4
Show file tree

Hide file tree

Showing 2 changed files with 51 additions and 0 deletions.
diff --git a/.github/workflows/README.md b/.github/workflows/README.md
@@ -3,5 +3,6 @@
 - binder.yaml - Adds a Binder badge to Pull Requests that are newly opened
 - build.yaml - Build and push docker container images to a docker registry
 - conda-lock-command.yml - Refresh conda-lock files by writing `/condalock` in a Pull Request comment
+- retag.yml - Republish docker images originally tagged with a short hash using a new CalVer string
 - slash-command-dispatch.yml - ChatOps that looks for slash commands in Pull Requests to trigger automated scripts
 - test.yaml - Test building docker container images in a Pull Request
diff --git a/.github/workflows/retag.yml b/.github/workflows/retag.yml
@@ -0,0 +1,50 @@
+# Re-tag staging SHA-tagged image with git tag and 'latest'
+# tags can be anything, but typically calver string (2022.12.02)
+name: Retag
+on:
+  push:
+    tags:
+    - '*'
+
+env:
+  GITHUB_SHA: ${{ github.sha }}
+  GITHUB_REF: ${{ github.ref }}
+
+permissions:  # added using https://github.com/step-security/secure-workflows
+  contents: read
+
+jobs:
+  retag-using-calver:
+    runs-on: ubuntu-latest
+    steps:
+    - name: Checkout Repository
+      uses: actions/checkout@v3
+
+    # https://github.com/actions/runner-images/issues/2840#issuecomment-790492173
+    - name: Free up disk space
+      run: |
+        sudo rm -rf /usr/local/lib/android /usr/share/dotnet /opt/ghc
+        df -h
+
+    - name: Set Job Environment Variables
+      run: |
+        SHA12="${GITHUB_SHA::12}"
+        TAG="${GITHUB_REF##*/}"
+        echo "SHA12=${SHA12}" >> $GITHUB_ENV
+        echo "TAG=${TAG}" >> $GITHUB_ENV
+
+    - name: Login to Quay.io
+      uses: docker/login-action@v2
+      with:
+        registry: quay.io
+        username: ${{ secrets.QUAY_USERNAME }}
+        password: ${{ secrets.QUAY_PASSWORD }}
+
+    - name: Pull Image for Corresponding GitHub Commit
+      run: docker pull quay.io/cryointhecloud/cryo-hub-image:${SHA12}
+
+    - name: Retag Images
+      run: docker tag cryointhecloud/cryo-hub-image:${SHA12} quay.io/cryointhecloud/cryo-hub-image:${TAG}
+
+    - name: Push Tags To Quay.io
+      run: docker push quay.io/cryointhecloud/cryo-hub-image:${TAG}